China's Great Firewall appears to be redirecting large amounts of "bogus traffic" to foreign sites. It's unclear whether this is deliberate policy or an accidental artifact of Chinese censorship, but the redirection arouses overheated complaints that China has "weaponized its entire population" into a DDoS attack machine.
A French museum cancels a cartoonists' convention after it sustains cyber attacks (the museum also notes Islamist murders at Charlie Hebdo and a Danish symposium featuring a controversial cartoonist).
The ISIS-affiliated al-Battar Media Foundation's female unit (the al-Khansaa Media Brigade) steps up social media recruiting of women residing in Europe and North America. The Brigade urges them to rally to the Caliphate. Saudi Arabia's new king convened a summit of Islamic organizations in Mecca last week with the aim of organizing a Muslim response to ISIS terror — observers watch for the conference to prompt information operations.
Akamai's Prolexic unit looks into DDoS-for-hire exploitation of vulnerable software-as-a-service platforms (Joomla among them).
Malwarebytes describes how compromised cPanel "Account Suspended" pages redirect to the Fiesta exploit kit.
Bitdefender finds ten "unusually aggressive" adware-infested apps in Google Play.
Shodan searches reveal some 2500 Seagate network attached storage devices vulnerable to a zero-day disclosed back in October.
Trend Micro reports seeing new TorrentLocker email vectors that bypass spam filters and use DMARC reports (Domain-based Message Authentication, Reporting and Conformance) in target reconnaissance.
Analysts consider the significance of the Gemalto hack and the Lenovo-Supership incident.
SAIC acquires Scitor.
Biometrics and deep web scanning contribute to US investigations of ISIS.
Today's issue includes events affecting Australia, Austria, Brazil, Canada, China, European Union, France, India, Indonesia, Iraq, Ireland, Kuwait, Mexico, Netherlands, Norway, Portugal, Saudi Arabia, Syria, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
China's Great Firewall is demolishing foreign websites — and nobody knows why (Quartz) Software designer Craig Hockenberry noticed something very strange was happening to his small corporate website The Iconfactory one morning last month: traffic had suddenly spiked to extremely high levels — equivalent to more than double the amount of data transmitted when Kim Kardashian's naked photos were published last year
Islamic State's female jihadists use social media to lure women recruits (Long War Journal) Jihadist women are using social media to recruit other women for the Islamic State's declared "caliphate." The practice is not a new phenomenon. Western females who have migrated to the Islamic State have used various online platforms to lure young women into jihad in Syria
Security alert: DDoS-for-hire preying on SaaS apps such as Joomla (First Post) Akamai's Prolexic Security Engineering & Research Team (PLXsert) in collaboration with PhishLabs' R.A.I.D, has come up with a new cybersecurity threat advisory that alerts enterprises and Software-as-a-Service (SaaS) providers of attackers using Joomla servers with a vulnerable Google Maps plugin installed as a platform for launching distributed denial of service (DDoS) attacks
Aggressive adware in Google Play apps (Help Net Security) Bitdefender has discovered 10 Google Play apps that have been packed full of aggressive adware. These either subscribe users to premium-rate numbers using scareware messages or install additional apps that incorporate even more ads
TorrentLocker Ransomware Uses Email Authentication to Refine Spam Runs (TrendLabs Security Intelligence Blog) In monitoring the ransomware TorrentLocker, we noticed a new development in its arrival vector. In previous entries, we noted that a particular wave of the crypto-ransomware was using spammed messages that were designed to evade spam filters
Dridex Downloader Analysis (Infosec Institute) Yesterday I received in my company inbox an email with an attached .xlsm file named D92724446.xlsm coming from Clare588… Central and local AV engines did not find anything malicious, and a multiengine scan got 0/57 as result
Why the Anthem Breach May Be a Catastrophic Event for US Children (Cyveillance Blog) In all the noise around the stolen customer data at Anthem Healthcare, many have missed what is now a new and very serious risk to American households: millions of children's social security numbers have been stolen, and will be used in waves of financial crimes over decades to come
Inside a Retail Hack: Lateral Movement & Credential-Harvesting (Duo Security) In 2014, 1,000 retail businesses were hit by remote attacks. Ultimately, most retail attacks started with stolen credentials, which enabled attackers to move laterally, harvesting credentials along the way until they reached their final destination
Five Reasons ICS-SCADA Security is Fragile (Dark Matters) Industrial control systems support our way of life, and yet they are fragile. To understand why they are so fragile, it's important to first understand a bit of the ICS architecture
The shift to secure apps in the enterprise (Help Net Security) As enterprises are mobilizing content and apps, they are also fortifying their cyber resiliency with accelerated activations of secure mobile apps, which grew 65 percent during the fourth quarter and 300 percent during the year, according to Good Technology
What Healthcare Boards Need to Know About Hacking (Health Data Management) Hospital chain Community Health Systems offered 4.5 million patients identity protection services after a major hack of its information systems, with the attackers suspected to be part of a criminal ring in China
Threat from Cyber Crimes: Insurance Cover Mooted (New Indian Express) Emphasizing the need for providing insurance cover against cyber crimes in the financial sector, RBI executive director G Padmanabhan said that it was important for the insurance sector to respond in providing cover against the cyber crimes
Comodo Introduce KoruMail (Host Review) The Comodo organization, a global innovator and developer of cyber security solutions, today announced the general availability of Comodo KoruMail, an enterprise antispam appliance that uses advanced spam filters and anti-virus scanners to prevent unsolicited mail from entering an enterprise network and potentially delivering damaging malware
Freeware tool helps monitor privileged accounts (Help Net Security) Netwrix Effective Permissions Reporting Tool is a freeware solution designed to monitor privileged accounts by reporting on effective permissions in Active Directory and file shares
Modern Defense Against CSRF Attacks (Resonant Core) In web application security, Cross-Site Request Forgery (CSRF) is a type of attack that tricks the victim into running a command on behalf of the attacker by sending the victim an otherwise innocent HTML snippet
CIOs and CISOs to focus on threat intelligence (SC Magazine) Chief Information Officers (CIO), Chief Information Security Officers (CISOs) and other senior IT leaders will increasingly deploy threat intelligence-based solutions in their enterprise networks over the next three years, according to a new report
Privacy and Humanity Elements for the IoT/IoE (Dark Matters) In the first and second parts of this series we have introduced the risks of the IoT / IoE world, addressed the mandatory security design considerations around the C-I-A — triple, the concepts of "openness", the secure system and SDLC, the 4 "A"s, as well as the term "non-repudiation"
Security framework for governments deploying the cloud (Help Net Security) ENISA released a framework structured into four phases, nine security activities and fourteen steps that details the set of actions Member States should follow to define and implement a secure Gov Cloud
IARPA's CAUSE Cybersecurity Program Elicits Reaction From Experts (HS Today) The Intelligence Advanced Research Projects Activity's (IARPA) recent announcement that its Office for Anticipating Surprise held a "proposers' day conference" for its Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program in anticipation of the release of a new solicitation in support of the program has provoked a variety of responses by cybersecurity authorities
NIH dives into cyber-physical systems research (GCN) The National Institutes of Health, in collaboration with several other agencies, has announced funding and grant opportunities in the area of cyber-physical systems (CPS), a new generation of embedded systems with integrated computational and physical capabilities
PA Cyber teams top Pennsylvania in cyber security competition (PRNewswire via IT Business Net) Three teams of high school students from PA Cyber Charter School finished highest in the state in a national competition in which students apply IT skills to remove hacking tools, viruses, and other computer security threats in a six-hour scenario
Legislation, Policy, and Regulation
NATO: Defending against the known unknowns (SC Magazine) Near the Belgian city of Mons, site of World War I's first major battle, not far from the battlefields of Waterloo, is one of today's ongoing international cyber-battlefields, NATO's Supreme Headquarters Allied Powers Europe (SHAPE)
An Anti-ISIS Summit in Mecca (The Atlantic via Defense One) A little-noticed conference in Mecca on 'Islam and Counterterrorism' offers a counterpoint to the Obama administration's narrative on how to defeat ISIS
China's information security rules justified (Global Times) Over the weekend, the US media reported that dozens of executives of Silicon Valley companies and trade association officials had asked Washington to get tough with Beijing, assuming that China's new regulations on information security would give them a tougher business environment in China. Earlier in February, four senior US officials, Secretary of State John Kerry, Treasury Secretary Jacob Lew, Commerce Secretary Penny Pritzker and Trade Representative Michael Froman, signed and sent a letter to their Chinese counterparts to ask for the suspension of a banking regulation
China Draft Counterterror Law Strikes Fear in Foreign Tech Firms (Re/code) China is weighing a far-reaching counterterrorism law that would require technology firms to hand over encryption keys and install security "backdoors," a potential escalation of what some firms view as the increasingly onerous terms of doing business in the world's second-largest economy
A Year of Terror Hasn't Made CPACers Warm to the NSA (National Review) The attendees of the Conservative Political Action Conference skew much younger and more libertarian than the Republican party as a whole, but it's still striking that about two-thirds of participants in the conference's straw poll oppose the National Security Agency's use of telephone metadata to investigate terrorism
What banks and regulators do to combat hacking (Finance Innovation) Gartner defines identity access management (IAM) as the security discipline that enables the right individuals to access the right resources at the right times for the right reasons
Data breaches fuel new era of tax fraud (The Hill) The rash of massive data breaches across the United States is driving a new era of electronic tax fraud that has caught Congress's attention and left consumers wondering if their tax information is safe
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...
2015 Cyber Risk Insights Conference — San Francisco (San Francisco, California, USA, March 3, 2015) Following on the success of the 2014 half-day cyber risk event, Advisen will present a full day of learning and networking for risk managers, CISOs, CROs, insurance brokers, insurance underwriters, reinsurers...
Cybergamut Technical Tuesday: Tor and the Deep Dark Web (Columbia, Maryland, Sioux Falls, March 3, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Boston SecureWorld (Boston, Massachusetts, USA, March 4 - 5, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Mercury Proposers' Day Conference (IARPA1, Washington, DC, March 5, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Mercury Program on March 5, in anticipation of the release of a new solicitation in support of...
OISC: Ohio Information Security Conference (Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference...
RiSK Conference 2015 (Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region.
B-Sides Vancouver (Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between
Insider Threat 2015 Summit (Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...
2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...
Philadelphia SecureWorld (Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
2015 Cyber Security Summit (McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...
BSides Salt Lake City (Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation
CarolinaCon-11 (Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...
Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...
CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...
28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...
CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Women in Cyber Security (Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is significant shortage of skilled professionals regionally, nationally and internationally.
Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...
Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...